Identity verification is an important feature of modern computerized devices. Computerized devices provide portals to sensitive control systems, financial information, and personal information that should only be accessible to a certain individual or set of people. Aside from security, identity verification can provide a degree of convenience for tracking use of the device or customizing the device for a user. In the case of a multiuser device, the device can use identity verification information to provide data or interfaces that are specifically applicable to a single user, or provide a more accurate record of which user conducted which actions using the device. For example, a point of sale (POS) device can keep track of which employee used the device to conduct a specific transaction. Furthermore, some multiuser devices are designed specifically for identification purposes such as time card systems that track when an employee clocked in for work, or electronically controlled access points that determine whether a user is authorized to pass through a physical barrier.
Traditional approaches for identity verification include verification operations conducted using various kinds of information that are colloquially referred to as: who you are, what you know, and what you have. Biometric (who you are) information is replacing passwords (what you know) information in an increasing number of applications due to its universality, permanence, and convenience. However, the permanence of biometric information has caused this increase in usage to be accompanied by increased privacy concerns. If a favorite password is compromised by an identity thief, a user can very easily switch to a different arbitrary string of characters. However, if biometric data is compromised, the situation is much more serious. Aside from its permanence, the simple fact that biometric information is a part of one's person makes it feel more personal. People that are not usually concerned with permanent personal information like their mother's maiden name being stored and used to identify them will sometimes balk at providing a fingerprint or iris scan to a third party. Furthermore, the use of biometric information often requires a time-consuming registration process that involves training the device with multiple samples of whatever biometric data is being used. For example, the training procedures can involve multiple scans of a single fingerprint or multiple prompts for a vocal sample.